Wednesday, April 16, 2014

oracle.webservices.preemptiveBasicAuth for invoking the webservices with Basic Authentication- Oracle SOA Suite

oracle.webservices.preemptiveBasicAuth for invoking the webservices with Basic Authentication- Oracle SOA Suite

HTTP basic authentication can have two types of authentication handshake methods, one is Reactive another one is Preemptive,

Reactive:

  • The client makes a request for a resource which needs authentication;
  • The server returns an HTTP 401 Authorization required response (indicating the authentication scheme and realm) with WWW-Authenticate header.
  • The client re-submits the request with an Authentication header;
  • The server verifies client credentials and returns the resource if authenticated successfully..

Preemptive:

The client can preemptively pass the credentials on the first request. The server returns immediately the resource if authenticated successfully.

Not all the authentication server accepts the Preemptive authentication mode, The NTLM authentication will not support the Preemptive handshake method it should be Reactive.

In Oracle SOA 11g the parnerlink binding property oracle.webservices.preemptiveBasicAuth will help us to set the handshake method accordingly.
  • oracle.webservices.preemptiveBasicAuth=false - Reactive mode
  • oracle.webservices.preemptiveBasicAuth=true - Preemptive mode

While invoking the service with NTLM authentication the value for the property oracle.webservices.preemptiveBasicAuth should be set as false along with the Basic authentication header properties oracle.webservices.auth.username and oracle.webservices.auth.password.


In Oracle SOA Suite 12c - add the below properties under binding.ws in composite file

 <property name="oracle.webservices.auth.username" type="xs:string" many="false">test</property>
             <property name="oracle.webservices.auth.password" type="xs:string" many="false">password</property>
             <property name="oracle.webservices.preemptiveBasicAuth" type="xs:string" many="false">false</property>

oracle_soasuite_12c_preemtive_authentication

5 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. We are struggling with calling a WCF service which has NTLM authentication. Whatever way we give, the error is ‘oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "http://<>host:/services/servicename.svc" successfully due to: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Bad response: 400 Bad Request’.
    Below are the properties we are setting from our Composite.xml

    name="weblogic.wsee.wsat.transaction.flowOption" type="xs:string" many="false" WSDLDriven
    name="oracle.webservices.preemptiveBasicAuth" type="xs:string" many="false" false
    name="oracle.webservices.auth.username" type="xs:string" many="false" domain\username
    name="oracle.webservices.auth.password" type="xs:string" many="false" password

    Thanks!
    Sandeep

    ReplyDelete
  4. Hi Sandeep,
    We're running into HTTP 400 as well when calling a .asmx service with NTLM authentication. How did you resolve the HTTP 400 error? We're on 12.1.3

    Thank you.
    --
    Dilip

    ReplyDelete
    Replies
    1. Hi Dilip, I had this problem with 12.1.3. How did you resolve?

      Delete